Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2000
Views
0
Helpful
1
Replies

Cisco Security Advisory - Local attacker

Rathsach
Level 1
Level 1

‎10-17-2019 05:03 AM

With reference to this advisory : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman-cmd-injection

It says "A vulnerability in a Virtualization Manager (VMAN) related CLI command of Cisco IOS XE Software could allow an authenticated, local attacker.......". Keywords being "local attacker"

Definition of "Local" according to cvss v3 specs: https://www.first.org/cvss/v3.0/specification-document

"A vulnerability exploitable with Local access means that the vulnerable component is not bound to the network stack, and the attacker's path is via read/write/execute capabilities. In some cases, the attacker may be logged in locally in order to exploit the vulnerability, otherwise, she may rely on User Interaction to execute a malicious file."

 

How would you describe a "local attacker" from that given advisory i linked to, considering the cvss definitions? Example would be nice.

Labels:
0 Helpful
1 Reply 1

Seb Rupik
VIP Alumni
VIP Alumni

‎10-17-2019 05:17 AM

Hi there,

If we take a 'network' attacker to mean the source of the attack is remote to the device being targeted, then a 'local' attacker is sourced from the device itself which is being attacked.

 

As the vulnerability states, it is an authenticated user issuing CLI commands, which implies they have logged onto the system. By issuing CLI commands to the system itself they are able to exploit the vulnerability.

 

cheers,

Seb.

0 Helpful
Customers Also Viewed These Support Documents